Add basic support for the Multiprocessor Resource Sharing Protocol
(MrsP).
The Multiprocessor Resource Sharing Protocol (MrsP) is defined in A.
Burns and A.J. Wellings, A Schedulability Compatible Multiprocessor
Resource Sharing Protocol - MrsP, Proceedings of the 25th Euromicro
Conference on Real-Time Systems (ECRTS 2013), July 2013. It is a
generalization of the Priority Ceiling Protocol to SMP systems. Each
MrsP semaphore uses a ceiling priority per scheduler instance. These
ceiling priorities can be specified with rtems_semaphore_set_priority().
A task obtaining or owning a MrsP semaphore will execute with the
ceiling priority for its scheduler instance as specified by the MrsP
semaphore object. Tasks waiting to get ownership of a MrsP semaphore
will not relinquish the processor voluntarily. In case the owner of a
MrsP semaphore gets preempted it can ask all tasks waiting for this
semaphore to help out and temporarily borrow the right to execute on one
of their assigned processors.
The help out feature is not implemented with this patch.
Do not use the Per_CPU_Control::started in
_SMP_Start_multitasking_on_secondary_processor() since this field may be
not up to date when a secondary processor reads it. Use the read-only
scheduler assignment instead.
Add a new fatal error SMP_FATAL_MULTITASKING_START_ON_INVALID_PROCESSOR.
This prevents out-of-bounds access.
It is currently not possible to test these fatal errors. One option
would be to fake values of the _CPU_SMP_Get_current_processor(), but
unfortunately this function is inline on some architectures.
Enable usage of _Thread_Set_life_protection() in thread dispatch
critical sections. This can be used to enable the thread
life-protection with thread dispatching disabled and then enable thread
dispatching.
Extract code from _Scheduler_SMP_Enqueue_ordered() and move it to the
new function _Scheduler_SMP_Enqueue_scheduled_ordered() to avoid
untestable execution paths.
Add and use function _Scheduler_SMP_Unblock().
The current implementation of task migration in RTEMS has some
implications with respect to the interrupt latency. It is crucial to
preserve the system invariant that a task can execute on at most one
processor in the system at a time. This is accomplished with a boolean
indicator in the task context. The processor architecture specific
low-level task context switch code will mark that a task context is no
longer executing and waits that the heir context stopped execution
before it restores the heir context and resumes execution of the heir
task. So there is one point in time in which a processor is without a
task. This is essential to avoid cyclic dependencies in case multiple
tasks migrate at once. Otherwise some supervising entity is necessary to
prevent life-locks. Such a global supervisor would lead to scalability
problems so this approach is not used. Currently the thread dispatch is
performed with interrupts disabled. So in case the heir task is
currently executing on another processor then this prolongs the time of
disabled interrupts since one processor has to wait for another
processor to make progress.
It is difficult to avoid this issue with the interrupt latency since
interrupts normally store the context of the interrupted task on its
stack. In case a task is marked as not executing we must not use its
task stack to store such an interrupt context. We cannot use the heir
stack before it stopped execution on another processor. So if we enable
interrupts during this transition we have to provide an alternative task
independent stack for this time frame. This issue needs further
investigation.
Clustered/partitioned scheduling helps to control the worst-case
latencies in the system. The goal is to reduce the amount of shared
state in the system and thus prevention of lock contention. Modern
multi-processor systems tend to have several layers of data and
instruction caches. With clustered/partitioned scheduling it is
possible to honour the cache topology of a system and thus avoid
expensive cache synchronization traffic.
We have clustered scheduling in case the set of processors of a system
is partitioned into non-empty pairwise-disjoint subsets. These subsets
are called clusters. Clusters with a cardinality of one are partitions.
Each cluster is owned by exactly one scheduler instance.
Rename rtems_smp_get_current_processor() in
rtems_get_current_processor(). Make rtems_get_current_processor() a
function in uni-processor configurations to enable ABI compatibility
with SMP configurations.
Rename rtems_smp_get_processor_count() in rtems_get_processor_count().
Make rtems_get_processor_count() a function in uni-processor
configurations to enable ABI compatibility with SMP configurations.
Per task variables are inherently unsafe in SMP systems. This
patch disables them from the build and adds warnings in the
appropriate documentation and configuration sections.
The thread deletion is now supported on SMP.
This change fixes the following PRs:
PR1814: SMP race condition between stack free and dispatch
PR2035: psxcancel reveals NULL pointer access in _Thread_queue_Extract()
The POSIX cleanup handler are now called in the right context (should be
called in the context of the terminating thread).
http://pubs.opengroup.org/onlinepubs/009695399/functions/xsh_chap02_09.html
Add a user extension the reflects a thread termination event. This is
used to reclaim the Newlib reentrancy structure (may use file
operations), the POSIX cleanup handlers and the POSIX key destructors.
Add a local context structure to the SMP lock API for acquire and
release pairs. This context can be used to store the ISR level and
profiling information. It may be later used to enable more
sophisticated lock algorithms, e.g. MCS locks.
There is only one lock that cannot be used with a local context. This
is the per-CPU lock since here we would have to transfer the local
context through a context switch which is very complicated.
This method exercises the ability to dynamically get and set
the affinity of POSIX threads.
NOTE: There is no scheduler support for affinity. This is
simply a data integrity test.
Rename _SMP_Request_other_cores_to_perform_first_context_switch() into
_SMP_Request_start_multitasking() since this requests now a multitasking
start on all configured and available processors. The name corresponds
_Thread_Start_multitasking() and
_SMP_Start_multitasking_on_secondary_processor() actions issued in
response to this request. Move in source file to right place.
Rename PER_CPU_STATE_READY_TO_BEGIN_MULTITASKING into
PER_CPU_STATE_READY_TO_START_MULTITASKING.
Rename PER_CPU_STATE_BEGIN_MULTITASKING into
PER_CPU_STATE_REQUEST_START_MULTITASKING.
Rename _SMP_Request_other_cores_to_shutdown() into
_SMP_Request_shutdown().
Add a per-CPU state lock to protect all changes. This was necessary to
offer a controlled shutdown of the system (atomic read/writes alone are
not sufficient for this kind of synchronization).
Add documentation for Per_CPU_State.
Delete debug output.
New tests smptests/smpfatal01 and smptests/smpfatal02.
Remove RTEMS_COMPILER_PURE_ATTRIBUTE from _SMP_Get_current_processor()
and all _CPU_SMP_Get_current_processor(). Make inline ASM statements
volatile again. Test smptests/smpmigration01 showed that GCC optimizes
too much otherwise.
This test referred to the first version of the simple SMP scheduler
which used the thread execution time for its scheduling decisions. For
the current simple SMP scheduler, the execution time of threads is
irrelevant (like in the corresponding single-processor variant).
